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Amendments to the claims, 



WV 03 Ha 



Listing of all claims pursuant to 37 CFR 1.121(c) 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1. (Currently amended) A method for a mobile client device to regulate 
access 10 di (Terent networks that the client device may be connected to , the method 
comprising: 

automatically obtaining information to identify adapters connected to a particular 
client device and networks to which said adapters are connected; 

automatically generating a profile for each network, including a current network 
to which said particular client device is connected; 

automatically comparing said profile of said current network to previously 
generated profiles to determine if said particular client device has previously connected to 
said current network; and 

if said particular client device has previously connected to said current network, 
automatically applying security settings previously utilized for said current network for 
regulating access to said current network. 

2. (Original) The method oTclaim I , further comprising: 
determining the security settings to be applied for said current network if said 

particular client device has not previously connected to said current network; and 
applying said security settings lor regulating access to said current network. 

3. (Original) The method of claim 2, further comprising: 
storing said security settings for said current network; and 

automatically applying said security settings when said particular client device 
subsequently connects to said current network. 

4. (Original) The method of claim 2, wherein said step of determining the 
security settings to be applied for said current network includes applying an established 
policy. 
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5. (Original) The method of claim 4, wherein said established policy includes 
treating a current network to which said device has not previously connected as unirusted. 

6. (Original) The method of claim 4, wherein said established policy includes 
treating a current network to which said device has not previously connected as trusted. 

7. (Original) The method of claim 4, wherein said established policy includes 
obtaining user input regarding said security settings. 

8. (Currently amended) The method of claim 7, wherein said established 
policy includes security settings to be applied in the event that when said user input is not 
obtained. 

9. (Original) The method of claim 1 , wherein said security settings are 
applied to a firewall module for regulating access to said current network. 

10. (Original) The method of claim 1, wherein said step of obtaining 
information to identify adapters and networks is initiated each time said particular client 
device is connected to a network. 

1 1 . (Original) The method or claim 1, wherein information to identify 
adapters and networks is obtained from an operating system kernel facility, 

12. (Currently amended) The method of claim 1 1 , wherein changes to network 
information in said operating kernel facility are examined to determine if the- 
configuration of an adapter's configuration has changed. 

1 3 . (Original) The method of claim 1 1 , wherein changes to network 
information in said operating kernel facility are examined to determine if said current 
network has changed. 

4 
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14. (Original) The method of claim 1, wherein a list of all adapters is 
constructed upon connection of said particular client device to a network, 

15. (Original) The method of claim 14, wherein each said adapter's network 
configuration is constructed upon connection of said particular client device to a network, 

16. (Original) The method of claim 14, wherein a profile of all adapters and 
said adapters' network configuration is constructed each time said particular client device 
is connected to a network, 

17. (Original) The method of claim 16, wherein said profile of an adapter 
includes a selected one or more of: connection method, physical address, IP address, 
subnet mask, and gateway IP address. 

18. (Original) The method of claim 16, wherein said profile of an adapter's 
network configuration includes a selected one or more of: network IP address, network 
mask, gateway MAC address, and connection name. 

19. (Original) The method of claim l s wherein a profile of said adapters and 
networks connected to said adapters is constructed each time a change in said adapters' 
network configuration is detected. 

20. (Original) The method of claim 1, wherein a network is identified by 
connection name if said network is a dialup connection with a resolvable connection 
name. 

21 . (Original) The method of claim 1, wherein a network is identified by 
connection name if said network is a PPP over Ethernet (PPPoE) connection with a 
resolvable connection name. 

5 
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22. (Original) The method of claim 1 , wherein a network is identified by 
gateway IP address and subnet mask if said network is an Ethernet network with a public 
TP address. 

23. (Original) The method of claim 1, wherein a network is identified by 
gateway IP address, subnet mask and physical address if said network is an Ethernet 
network with a private IP address. 

24. (Original) The method of claim 23, wherein said physical address is a 
MAC address. 

25. (Original) The method of claim 1, wherein a network is identified by 
gateway IP address and subnet mask if said network is a token ring network. 

26. (Original) The method of claim 1 , wherein a network is identified by 
gateway IP address and subnet mask if said network is an infrared network. 

27. (Original) The method of claim 1 , wherein a unique identifier is assigned 
to each network that is profiled. 

28. (Original) The method of claim 27, wherein said unique identifier is based 
upon a selected one or more of connection name, gateway TP address, subnet mask and 
physical address. 

29. (Original) The method of claim 27, wherein each said unique identifier is 

stored. 

30. (Original) The method of claim 27, wherein said unique identifier for a 
current network that is identified is compared to prior identifiers to determine if said 
particular client device has previously connected to said current network, 

6 
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3 1 . (Currently amended) A method for a mobile device to identify different 
networks to which said device is connected, the method comprising: 

automatically obtaining information to identify adapters connected to said device 
and current networks to which said adapters arc connected; 

automatically generating a profile for said current networks, including a current 
network to which said device is connected; 

automatically comparing said profile of said current network to which said device 
is connected to prior profiles to determine if said device has previously connected to said 
current network; and 

if said device has not previously connected to said current network, automatically 
notifying the device's user of said d e vic e of said a new connection to said current 
network. 

32. (Currently amended) The method of claim 31, further comprising: 

if said device has not previously connected to said current network, obtaining user 
input on &e particular security settings to be applied for said current network. 

33 . (Original) The method of claim 32, furiher comprising: 
applying said security settings to regulate access to said device. 

34. (OriginalXThe method of claim 33, wherein said security settings are 
applied to a firewall module for regulating access to said device. 

35. (Currently amended) The method of claim 32, further comprising: 
storing said security settings; and 

applying said security seUings in th e e v e nt when said device subsequently 
connects to said current network. 

36. (Currently amended) The method of claim 3 1 , further comprising: 

if said device has previously connected to said current network, applying the any 
security settings previously utilized Tor said current network for regulating access to said 

7 
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device* 

37. (Original) The method of claim 31 , wherein said profiles of said current 
networks arc used by a policy management application. 

38. (Original) The method of claim 31 , wherein said profiles of said current 
networks arc used by a security management application. 

39. (Original) The method of claim 31, wherein said profiles of said current 
networks are used by an end point security product to regulate access to said device. 

40. (Currently amended) A method for a mobile device to identify different 
networks to which said device is connected, the method comprising: 

automatically obtaining information to identify a current network to which said 
device is connected; 

automatically generating a profile for said current network; 

automatically comparing said profile of said current network to previously 
generated profiles to determine if said device has previously connected to said current 
network; and 

if said device has not previously connected to said current network, automatically 
treating said current network as untrusted for purposes of regulating access to said device. 

41. (Original) The method of claim 40, wherein a firewall module regulates 
access to said device. 

42. (Currently amended) The method of claim 40, further comprising: 
notifying the device's user of s aid device if said device has not previously 

connected to said current network. 

43. (Currently amended) The method of claim 42, further comprising: 
obtaining user input on the particular security settings to be applied to regulate 

8 
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access to said device. 

44. (Original) The method of claim 43, further comprising: 
automatically applying said security settings to a firewall module to regulate 

access to said device. 

45. (Currently amended) A method for a mobile device to identify different 
networks to which said device is connected, the method comprising: 

automatically obtaining information to identify a current network to which said 
device is connected; 

automatically generating a profile for said current network; 

automatically comparing said profile of said current network to previously stored 
profiles to determine if said device has previously connected to said current network; and 

if said device has not previously connected to said current network, automatically 
treating said current network as trusted for purposes of regulating access to said device. 

46. (Original) The method of claim 45, wherein a firewall module regulates 
access to said device. 

47. (Currently amended) The method of claim 45, further comprising: 
notifying the device's user of oatddovioo if said device has not previously 

connected to said current network. 

48. (Currently amended) The method of claim 47, further comprising: 
obtaining user input on the particular security settings to be applied to regulate 

access to said device. 

49. (Original) The method of claim 48, further comprising: 
automatically applying said security settings to a firewall module to regulate 

access to said device. 

9 
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50. (Currently amended) A system for a mobile device to identify different 
networks to which said device is connected and regulate access to said device, the system 
comprising: 

a network information engine for automatically obtaining and processing 
information on networks to which said device is connected; 

a network information data structure for storing said information automatically 
collected on said network^ said information uni quely identifying each network, including 
uniquely identifying local networks having duplicate network addresses: and 

a zone configuration module for establishing security settings to regulate access to 
said device , said security settings being applied automatically in a manner to regulate 
access to said device based on which uniquely-identified network said device is currently 
connected to» 

51. (Currently amended) The system of claim 50, wherein said network 
information engine constructs a list of all connected adapters upon connection of said 
client device to a network. 

52. (Original) The system of claim 51, wherein said network information 
engine constructs a list of all networks connected to said adapters upon connection of said 
device to a network. 

53. (Currently amended) The system of claim 51 , wherein said network 
information engine constructs a list of all adapters and networks to which said adapters 
arc connected each time a change in s aid current network connection is detected. 

54. (Original) The system of claim 50, wherein said network information 
engine obtains information to identify adapters connected to said device from an 
operating system kernel facility. 

55. (Original) The system of claim 54, wherein said network information 
engine obtains information to identify networks connected to said adapters from said 

10 
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operating system kernel facility. 

56. (Original) The system of claim 54, wherein changes to network 
information in said operating kernel facility arc examined to determine if a current 
network to which said device is connected has changed. 

57. (Original) The system of claim 50, wherein said network information 
engine identifies a network by connection name if said network is a dialup connection 
with a resolvable connection name, 

58. (Original) The system of claim 50, wherein said network information 
engine identifies a network by connection name if said network is a PPPoE connection 
with a resolvable connection name. 

59. (Original) The system of claim 50, wherein said network information 
engine identifies a network by gateway IP address and subnet mask if said network is an 
Ethernet network with a public IP address, 

60. (Original) The system or claim 50, wherein said network information 
engine identifies a network by gateway IP address, subnet mask and physical address if 
said network is an Ethernet network with a private EP address. 

61 . (Original) The system of claim 60, wherein said physical address is a 
MAC address. 

62. (Original) The system of claim 50, wherein said network information 
engine identifies a network by gateway LP address and subnet mask if said network is a 
token ring network. 

63 . (Original) The system of claim 50, wherein said network information 
engine identifies a network by gateway TP address and subnet mask if said network is an 

II 
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infrared network. 

64. (Original) The system of claim 50, wherein said network information 
engine assigns a unique identifier to each network. 

65. (Original) The system of claim 64, wherein said network information 
engine constructs said unique identifier based upon a selected one or more of connection 
name, gateway IP address, subnet mask and physical address. 

66. (Original) The system of claim 64, wherein each said unique identifier is 
stored in said network information data structure. 

67. (Original) The system of claim 64, wherein each, said unique identifier is 
stored in a database. 

68. (Original) The system of claim 64, wherein said network information 
engine compares said unique identifier for a current network to previously stored 
identifiers to determine if said device has previously connected to said current network. 

69. (Original) The system of claim 50, wherein said zone configuration 
module stores security settings for regulating access to said device. 

70. (Original) The system of claim 69, wherein said security settings include 
whether to treat a network as trusted. 

71 . (Original) The system of claim 69, wherein said security settings include 
whether to treat a network as untrustcd. 

72. (Original) The system of claim 69, wherein said security settings include 
treating a current network to which said device has not previously connected as untrusted. 



12 
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73. (Original) The system of claim 69, wherein said security settings include 
obtaining user input regarding the security settings to be applied for a network, 

74. (Currently amended) The system of claim 73, wherein said security 
settings include rules to be applied in th e e vent that when user input is not obtained. 

75. (Original) The system of claim 50, wherein said zone configuration 
module stores security settings for regulating access from said device to different 
networks, 

76. (Original) The system of claim 50, wherein said zone configuration 
module automatically applies said security settings to a firewall module for purposes of 
regulating access to said device. 

77. (Original) The system of claim 50, further comprising: 
a firewall module for regulating access to and from said device. 

78. (Original) The system of claim 77, wherein said zone configuration 
module automatically applies said security settings to said firewall module Tor purposes 
of regulating access to said device. 



13 



PAGE 18/33 * RCVD AT 1 1/3/2006 5:53:53 PM [Eastern Standard Time] * SVR:USPTWJ XRF-6/38 * DNIS;2738300 * CSID:1 81 5 572 8299 * DURATION (mm-ss):12-26 



